More and more phishing scams are entering our mailboxes every day. Looks can be deceiving. The phishing email and the fake website might look good and convincing, but most of these scams are easily recognised if you verify the real sender email address and the domains of the URLs in the email. Here is a real example of an Apple iTunes scam that wants to steal your username, password and credit card details. Don’t fall victim to this scam! The following screenshots are taken from an iPhone.

How it starts

1. Getting Phished:

First you get this email.

“Oh, there is a problem. I should sign-in to solve it. OK, it sounds good.”

2. Verify Sender:

Press and hold the “From” field to inspect the real sender address!

Does this look like a genuine Apple email address to you?

3. Verify Destination:
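As an added illustration of steps 2 and 3 (example code, not part of the original post), the following Python script applies the same two checks to a constructed email: it takes the real address out of the From header, ignoring whatever the display name claims, and pulls the host out of every link, then compares both against the domains the brand actually uses. The expected-domain list, the sample header and body, and the function names are assumptions made for this example; a lookalike such as `apple.com.account-verify.example` is rejected because the registered domain is the part at the end, not the familiar name at the front.

```python
"""Sender and link-domain checks for a suspicious email (added example).

All sample data below is constructed for illustration; it is not taken
from the phishing email described in the post.
"""
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the impersonated brand really sends from / links to.
EXPECTED_DOMAINS = frozenset({"apple.com", "icloud.com"})

# Constructed sample: display name says "Apple", the real address does not.
SAMPLE_FROM = '"Apple" <security@appleid-support.example>'
SAMPLE_BODY = """Dear customer,
There is a problem with your account. Please sign in to solve it:
https://apple.com.account-verify.example/signin
For help see https://support.apple.com/
"""

_LINK_RE = re.compile(r"https?://[^\s<>\"']+")


def _domain_matches(host: str, expected=EXPECTED_DOMAINS) -> bool:
    """True if host IS an expected domain or a subdomain of one.

    'apple.com.account-verify.example' does not match: the registered
    domain is the suffix (account-verify.example), not the prefix.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in expected)


def check_sender(from_header: str, expected=EXPECTED_DOMAINS) -> dict:
    """Split a From: header into display name and real address.

    The display name is free text and can say anything; only the
    address in angle brackets is what press-and-hold reveals.
    """
    display_name, address = parseaddr(from_header)
    domain = address.rpartition("@")[2]
    return {
        "display_name": display_name,
        "address": address,
        "domain": domain,
        "legit": bool(domain) and _domain_matches(domain, expected),
    }


def check_url(url: str, expected=EXPECTED_DOMAINS) -> dict:
    """Extract the host a link really points to and compare it.

    urlsplit().hostname discards userinfo and port, so a link such as
    http://apple.com@evil.example/ resolves to host 'evil.example'.
    """
    parts = urlsplit(url.rstrip(".,;)"))
    host = parts.hostname or ""
    return {
        "url": url,
        "host": host,
        "legit": parts.scheme == "https" and _domain_matches(host, expected),
    }


def find_links(text: str) -> list:
    """Return every http(s) URL found in the message body."""
    return _LINK_RE.findall(text)


def triage_email(from_header: str, body: str, expected=EXPECTED_DOMAINS) -> dict:
    """Run both checks; the mail is suspicious if the sender or any link fails."""
    sender = check_sender(from_header, expected)
    links = [check_url(u, expected) for u in find_links(body)]
    suspicious = not sender["legit"] or any(not link["legit"] for link in links)
    return {"sender": sender, "links": links, "suspicious": suspicious}


if __name__ == "__main__":
    result = triage_email(SAMPLE_FROM, SAMPLE_BODY)
    print("sender:", result["sender"]["address"], "legit" if result["sender"]["legit"] else "SUSPICIOUS")
    for link in result["links"]:
        print("link:  ", link["host"], "legit" if link["legit"] else "SUSPICIOUS")
    print("verdict:", "phishing indicators found" if result["suspicious"] else "no indicators")
```

Run it as a script to see the verdict for the constructed sample; the one mixed message (a genuine support link next to a lookalike sign-in link) is flagged because a single bad link or sender is enough. The check is deliberately strict about the scheme as well, so a plain http:// login link fails even when the host looks right.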

Falling Victim

The above email address and URL verification checks give two very clear phishing indicator alarms. People who don’t recognize these phishing indicators might visit the hacked website and are likely to fall victim to the following double data theft: their user account and password are stolen together with their full credit card details.

1. Stealing Username & Password:

The website looks genuine: “Sure let’s log in here!”

Did you notice the URL address at the top of the window? Does this look like a domain Apple uses? No, this is a hacked website that is being abused.

2. Stealing more data:

Since they have got you hooked now, they will try to go all the way. Still not suspicious about the top URL?

3. Stealing Credit Card:

The final screen will ask for full credit card details. At this point you will probably not even notice the spelling errors anymore. “Janaury”?

All done! You have now been successfully phished!

Your Apple account is hacked and your credit card is stolen. A great way to start the weekend! Next week you should notice all sorts of strange payments being made with your credit card, and it might become hard to get access to your Apple account in the future. If your photos, contacts or other data are synchronized into Apple’s iCloud, they will now also be accessible to the hacker.

Time to thank you:

You were extremely helpful!

Ending on the real Apple website:

After that final confirmation, you are redirected to the real Apple website, which looks very similar.

What should I do now?

In case you went all the way, but have figured out that you probably have done something wrong, you can do the following:

Change or reset your Apple Account password while you still have access. If your access is already blocked, you can try a password reset. If that doesn’t work either, you can contact Apple support to help you out.

Prevent this from happening again! Always be suspicious of emails! Verify the real sender email address and the real URLs in the email!

Start using a stronger form of authentication! Usernames and passwords are almost dead. If you want to prevent password theft scenarios like this in the future, consider enabling a stronger form of authentication that is not based on only a username and password. This is usually called strong authentication and requires an extra code, for instance an SMS or other one-time code, at regular intervals and/or when you are logging in from a new device. All major online services like Facebook, Dropbox, Apple, Gmail, Office 365, etc. support this. Google for: strong authentication, 2 factor authentication, 2-step authentication.